[CentOS] remote syslog question

fred smith fredex at fcshome.stoneham.ma.us
Sat Dec 3 18:13:08 UTC 2011


On Sat, Dec 03, 2011 at 12:30:14PM -0500, fred smith wrote:
> On Sat, Dec 03, 2011 at 06:21:25PM +0100, Tilman Schmidt wrote:
> > Am 03.12.2011 00:04, schrieb fred smith:
> > > I've got my router using syslog on my centos box to log the router's
> > > system events. Works fine.
> > > 
> > > however, it mixes 'em into /var/log/messages along with the messages
> > > from the Centos box itself.
> > > 
> > > is there a way to separate them into itsown (set of??) files? So far
> > > I've not come up with anything.
> > 
> > Every syslog daemon I know of (even good old syslogd classic) is able
> > to direct messages to different files depending on their facility and
> > priority. Most routers send their messages with one of the "local"
> > facilities (local0 .. local7), though it's frequently neither
> > documented nor configurable, at least with the cheap consumer grade
> > models. OTOH, on a typical CentOS system little else uses the local*
> > facility. So chances are if you configure your syslog daemon to log
> > all of the local* facilities to a file /var/log/router and not to
> > /var/log/messages you'll end up with just the router messages in
> > /var/log/router.
> > 
> > HTH
> 
> thanks, Tilman, it may well be of help. I'll check that out.

hmm.,.. a little hacking with wireshark shows that the bulk of them 
(the ones reporting dropped packets on the firewall) are USER.WARNING.
probably not easily filterable, as I'd suspect there are also some
of the same sort locally. but I'll keep looking.


-- 
---- Fred Smith -- fredex at fcshome.stoneham.ma.us -----------------------------
  "And he will be called Wonderful Counselor, Mighty God, Everlasting Father,
  Prince of Peace. Of the increase of his government there will be no end. He 
 will reign on David's throne and over his kingdom, establishing and upholding
      it with justice and righteousness from that time on and forever."
------------------------------- Isaiah 9:7 (niv) ------------------------------



More information about the CentOS mailing list